Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/2gem_s7OXY9RAP-ycmH2xxzMRNo.roa
File: 2gem_s7OXY9RAP-ycmH2xxzMRNo.roa (raw, json)
Hash identifier: 6NO1TmiFHnyHzmCN0vzltL3ibNQx4wAuQ4KlzIiXvoM=
Subject key identifier: DA:07:A6:FE:CE:CE:5D:8F:51:00:FF:B2:72:61:F6:C7:1C:CC:44:DA
Certificate issuer: /CN=156f04fc5ca875315ab0b854b64506b09c998e9a
Certificate serial: 018CC500F72237A0EC1B8C1B784D317D4DCA
Authority key identifier: 15:6F:04:FC:5C:A8:75:31:5A:B0:B8:54:B6:45:06:B0:9C:99:8E:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FW8E_FyodTFasLhUtkUGsJyZjpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/2gem_s7OXY9RAP-ycmH2xxzMRNo.roa
Signing time: Mon 01 Jan 2024 12:30:23 +0000
ROA not before: Mon 01 Jan 2024 12:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39591
IP address blocks: 193.23.113.0/24 maxlen: 24
91.198.234.0/24 maxlen: 24
2001:678:668::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/FW8E_FyodTFasLhUtkUGsJyZjpo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/FW8E_FyodTFasLhUtkUGsJyZjpo.mft
rsync://rpki.ripe.net/repository/DEFAULT/FW8E_FyodTFasLhUtkUGsJyZjpo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 12:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f7:22:37:a0:ec:1b:8c:1b:78:4d:31:7d:4d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=156f04fc5ca875315ab0b854b64506b09c998e9a
Validity
Not Before: Jan 1 12:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da07a6fecece5d8f5100ffb27261f6c71ccc44da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:48:0f:ca:3b:99:08:7c:17:54:db:6a:11:e4:
b3:24:b6:a1:98:2d:89:b1:16:f9:ae:31:5c:89:c7:
1e:3e:15:4c:ef:91:ba:51:d2:bf:3d:dd:d6:c1:fe:
67:cc:ab:93:10:16:03:73:81:4b:4d:d9:5d:20:a3:
ba:e4:53:fd:2d:29:f2:c7:e2:a2:48:78:9a:6c:b5:
8a:95:35:44:5a:24:dc:e3:bd:7a:29:e4:a0:b1:74:
fd:93:5a:28:64:a8:7d:a6:cc:fc:4a:01:36:f4:4b:
08:f0:34:97:b4:fe:ef:95:a1:80:5e:cf:91:fd:75:
11:3f:31:84:f6:47:1a:30:a8:8a:17:de:4d:4d:bb:
ca:b1:f0:e0:e4:e1:7b:be:d5:30:be:0f:2b:18:26:
f7:97:93:81:06:e0:10:20:72:e8:af:30:d5:d0:c6:
b8:78:f3:69:23:7f:ba:27:ef:00:32:5f:a7:9e:6b:
97:65:75:73:24:52:b6:a8:fb:46:6c:e5:ba:11:47:
05:b2:e9:70:76:77:d0:71:bb:0c:5e:33:69:f2:d6:
2f:e8:e2:9b:84:fb:06:45:76:e7:67:27:5b:9b:9c:
08:3f:5e:5e:ed:a0:f7:da:72:19:85:2b:eb:ca:17:
f8:8f:c7:4b:57:d6:f4:75:d3:a9:60:e4:f3:88:70:
00:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:07:A6:FE:CE:CE:5D:8F:51:00:FF:B2:72:61:F6:C7:1C:CC:44:DA
X509v3 Authority Key Identifier:
keyid:15:6F:04:FC:5C:A8:75:31:5A:B0:B8:54:B6:45:06:B0:9C:99:8E:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FW8E_FyodTFasLhUtkUGsJyZjpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/2gem_s7OXY9RAP-ycmH2xxzMRNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/FW8E_FyodTFasLhUtkUGsJyZjpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.234.0/24
193.23.113.0/24
IPv6:
2001:678:668::/48
Signature Algorithm: sha256WithRSAEncryption
9f:55:a0:63:d9:df:85:8e:b5:cb:86:25:f5:a3:bf:97:0e:5c:
a5:68:2a:06:09:a4:97:ea:05:b4:d1:1d:9e:f4:e7:ff:34:c3:
a0:d8:80:9c:ca:15:8f:db:28:2d:b9:5f:be:f7:86:1e:82:eb:
9a:9e:d0:a4:b3:47:8f:03:e3:8a:b5:5c:14:67:ea:c0:5d:8d:
86:ac:b9:13:b5:6c:f9:cb:7d:19:9d:52:75:96:0f:1f:5b:ed:
32:be:3a:2e:94:b3:03:c8:41:9c:2f:f3:23:45:0e:38:f7:61:
f8:b9:b9:cf:f1:58:0a:ed:4e:82:64:b6:3a:ab:2e:5f:82:7f:
63:fa:2f:36:bc:9a:02:a5:2b:e6:3e:37:57:81:87:d8:2c:0c:
4a:1f:b7:06:ec:e7:dc:b3:37:81:7f:a8:b0:9d:09:ee:7d:7b:
75:7d:75:f7:87:d1:fc:50:72:fe:34:b7:62:e0:79:59:1c:df:
be:24:bc:71:98:c4:83:e6:aa:3e:a6:21:70:cc:8c:66:e9:2f:
93:3d:4c:d1:e5:e0:3a:fa:3d:07:9f:5d:ee:47:c3:df:25:d2:
3b:29:b8:36:7a:9e:02:15:76:0c:2a:71:8e:2c:e1:74:d4:38:
a7:0e:c2:91:b7:88:30:1f:15:ce:84:85:12:b0:da:03:d4:69:
96:ac:15:fc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFAPciN6DsG4wbeE0xfU3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NmYwNGZjNWNhODc1MzE1YWIwYjg1NGI2NDUwNmIwOWM5
OThlOWEwHhcNMjQwMTAxMTIzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA3YTZmZWNlY2U1ZDhmNTEwMGZmYjI3MjYxZjZjNzFjY2M0NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEgPyjuZCHwXVNtqEeSzJLahmC2J
sRb5rjFciccePhVM75G6UdK/Pd3Wwf5nzKuTEBYDc4FLTdldIKO65FP9LSnyx+Ki
SHiabLWKlTVEWiTc4716KeSgsXT9k1ooZKh9psz8SgE29EsI8DSXtP7vlaGAXs+R
/XURPzGE9kcaMKiKF95NTbvKsfDg5OF7vtUwvg8rGCb3l5OBBuAQIHLorzDV0Ma4
ePNpI3+6J+8AMl+nnmuXZXVzJFK2qPtGbOW6EUcFsulwdnfQcbsMXjNp8tYv6OKb
hPsGRXbnZydbm5wIP15e7aD32nIZhSvryhf4j8dLV9b0ddOpYOTziHAAxwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNoHpv7Ozl2PUQD/snJh9scczETaMB8GA1UdIwQY
MBaAFBVvBPxcqHUxWrC4VLZFBrCcmY6aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlc4RV9GeW9kVEZhc0xoVXRrVUdzSnlaanBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mNzEwY2UtNDQwZi00MDVmLWFjNTAt
YWE5NDI5OTRmYzYwLzEvMmdlbV9zN09YWTlSQVAteWNtSDJ4eHpNUk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mNzEwY2UtNDQwZi00MDVmLWFjNTAtYWE5NDI5OTRmYzYw
LzEvRlc4RV9GeW9kVEZhc0xoVXRrVUdzSnlaanBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW8bqAwQA
wRdxMA8EAgACMAkDBwAgAQZ4BmgwDQYJKoZIhvcNAQELBQADggEBAJ9VoGPZ34WO
tcuGJfWjv5cOXKVoKgYJpJfqBbTRHZ705/80w6DYgJzKFY/bKC25X773hh6C65qe
0KSzR48D44q1XBRn6sBdjYasuRO1bPnLfRmdUnWWDx9b7TK+Oi6UswPIQZwv8yNF
Djj3Yfi5uc/xWArtToJktjqrLl+Cf2P6Lza8mgKlK+Y+N1eBh9gsDEoftwbs59yz
N4F/qLCdCe59e3V9dfeH0fxQcv40t2LgeVkc374kvHGYxIPmqj6mIXDMjGbpL5M9
TNHl4Dr6PQefXe5Hw98l0jspuDZ6ngIVdgwqcY4s4XTUOKcOwpG3iDAfFc6EhRKw
2gPUaZasFfw=
-----END CERTIFICATE-----
Generated at Wed May 15 19:28:35 2024 by rpki-client on console-fra.rpki-client.org